Hi! heath bunting: > > does this mean the iso has been corrupted in transit ?
No. > $ gpg --keyid-format 0xlong --verify tails-i386-2.7.iso.sig > tails-i386-2.7.iso > gpg: Signature made Sun 13 Nov 2016 16:08:49 GMT > gpg: using RSA key 0xAF292B44A0EDAA41 > gpg: Can't check signature: public key not found You will need to download and import (gpg --import) the Tails signing key and then verify again. Our public signing key can be found here: https://tails.boum.org/tails-signing.key You should be able to see the following after the successful import, by executing the list-keys command: gpg --list-keys 0xAF292B44A0EDAA41 pub 4096R/0xDBB802B258ACD84F 2015-01-18 [expires: 2018-01-11] Fingerprint = A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F uid [ undef.] Tails developers (offline long-term identity key) <[email protected]> uid [ unbek.] Tails developers <[email protected]> sub 4096R/0x98FEC6BC752A3DB6 2015-01-18 [expires: 2018-01-11] sub 4096R/0x3C83DCB52F699C56 2015-01-18 [expires: 2018-01-11] sub 4096R/0xAF292B44A0EDAA41 2016-08-30 [expires: 2018-01-11] This is the OpenPGP verification procedure in totality: https://tails.boum.org/install/download/openpgp/index.en.html However, many users don't actually know PGP enough to verify our images like this, so we strongly encourage people to use either Bittorrent or the Firefox extension to download the ISOs. See https://tails.boum.org/install These methods do the verification automatically. OpenPGP should only be needed for a second check. Cheers! u.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tails-support mailing list [email protected] https://mailman.boum.org/listinfo/tails-support To unsubscribe from this list, send an empty email to [email protected].
